<html>
<head><meta charset="utf-8"><title>Change Allocation error default behaviour compiler-team#366 · t-compiler/major changes · Zulip Chat Archive</title></head>
<h2>Stream: <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/index.html">t-compiler/major changes</a></h2>
<h3>Topic: <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html">Change Allocation error default behaviour compiler-team#366</a></h3>

<hr>

<base href="https://rust-lang.zulipchat.com">

<head><link href="https://rust-lang.github.io/zulip_archive/style.css" rel="stylesheet"></head>

<a name="210678544"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210678544" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> triagebot <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210678544">(Sep 20 2020 at 18:23)</a>:</h4>
<p>A new proposal has been announced: <a href="https://github.com/rust-lang/compiler-team/issues/366">Change Allocation error default behaviour #366</a>. It will be announced at the next meeting to try and draw attention to it, but usually MCPs are not discussed during triage meetings. If you think this would benefit from discussion amongst the team, consider proposing a design meeting.</p>



<a name="210678692"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210678692" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> XAMPPRocky <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210678692">(Sep 20 2020 at 18:26)</a>:</h4>
<p>See also the discussion around hyper’s C API where this recently came up. <a href="https://github.com/hyperium/hyper/issues/2265">https://github.com/hyperium/hyper/issues/2265</a></p>



<a name="210678732"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210678732" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Josh Triplett <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210678732">(Sep 20 2020 at 18:27)</a>:</h4>
<p>One notable constraint: if panicking because an allocation failed, the panic and unwind cannot allocate any memory.</p>



<a name="210678786"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210678786" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Josh Triplett <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210678786">(Sep 20 2020 at 18:28)</a>:</h4>
<p>Also, see <a href="https://github.com/rust-lang/rust/issues/66740">https://github.com/rust-lang/rust/issues/66740</a> and <a href="https://github.com/rust-lang/rust/issues/66741">https://github.com/rust-lang/rust/issues/66741</a> .</p>



<a name="210678892"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210678892" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Jonas Schievink  [he/him] <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210678892">(Sep 20 2020 at 18:31)</a>:</h4>
<p>This seems like a duplicate of <a href="https://github.com/rust-lang/rust/issues/66741">https://github.com/rust-lang/rust/issues/66741</a></p>



<a name="210679228"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210679228" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> XAMPPRocky <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210679228">(Sep 20 2020 at 18:39)</a>:</h4>
<p>Not quite, at least in the PR that’s purposed in that issue. That adds a new error handler for no_std environments that is panic. I’m proposing changing this line in std’s implementation from abort to panic. <a href="https://github.com/rust-lang/rust/blob/97eb606e4b2becd17d46a67d87169f52b210e67c/library/std/src/alloc.rs#L331">https://github.com/rust-lang/rust/blob/97eb606e4b2becd17d46a67d87169f52b210e67c/library/std/src/alloc.rs#L331</a></p>



<a name="210680198"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210680198" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Jonas Schievink  [he/him] <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210680198">(Sep 20 2020 at 19:04)</a>:</h4>
<p>Ah, okay. I was wondering why this was in t-compiler, but that makes sense as part of libstd implementation details.</p>



<a name="210681338"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681338" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681338">(Sep 20 2020 at 19:33)</a>:</h4>
<p><span class="user-mention" data-user-id="219696">@XAMPPRocky</span> I think it would be helpful to include a description of why you think this is something T-compiler can change (i.e., why this is not a T-libs thread, basically)</p>



<a name="210681394"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681394" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681394">(Sep 20 2020 at 19:34)</a>:</h4>
<p>I guess the argument is that it's not stabilized either way, but I imagine there needs to be some thought about this -- in particular, programs may be written such that they assume allocation failure would mean abort and would otherwise not be safe. (i.e., unsafe code could rely on this)</p>



<a name="210681415"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681415" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681415">(Sep 20 2020 at 19:35)</a>:</h4>
<p>and really I would feel much better about changing this with more background etc on the topic :)</p>
<p>cc <span class="user-mention" data-user-id="143274">@Amanieu</span> who I think has been sort of driving allocref and allocators in general recently</p>



<a name="210681584"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681584" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Amanieu <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681584">(Sep 20 2020 at 19:38)</a>:</h4>
<p>There are concerns that unsafe code may not handle "new" sources of unwinding properly.</p>



<a name="210681608"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681608" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Amanieu <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681608">(Sep 20 2020 at 19:38)</a>:</h4>
<p>Oh <span class="user-mention" data-user-id="116122">@simulacrum</span> already mentioned that. I think that's really the main concern here.</p>



<a name="210681620"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681620" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> XAMPPRocky <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681620">(Sep 20 2020 at 19:39)</a>:</h4>
<p><span class="user-mention" data-user-id="116122">@simulacrum</span> It’s an implementation detail. Someone could fork and distribute an API compatible version of rustc that panics by default rather than aborts.</p>



<a name="210681677"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681677" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681677">(Sep 20 2020 at 19:40)</a>:</h4>
<p>Just saying "implementation detail" isn't really sufficient IMO, you need to justify why people cannot depend on this -- and it seems to me that we know of at least one type of code where people <em>can</em>. So you need to argue why breaking that code, potentially introducing UB, is okay / trade-off is worth it.</p>



<a name="210681689"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681689" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Amanieu <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681689">(Sep 20 2020 at 19:40)</a>:</h4>
<p>It's possible to work around the issue of unwinding needing to allocate memory by allocating an exception object on startup just in case of OOM. The C++ standard library already does this.</p>



<a name="210681719"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681719" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Amanieu <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681719">(Sep 20 2020 at 19:41)</a>:</h4>
<p>I would have to triple-check my unsafe code to see if it handles unwinding on alloc failure correctly. I think <code>parking_lot</code> isn't unwind-safe if allocation can unwind, but I'll have to double-check.</p>



<a name="210681773"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681773" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681773">(Sep 20 2020 at 19:42)</a>:</h4>
<p>frankly it makes me feel <em>very</em> concerned about change here without some kind of opt-in or something on a relatively granular level if even "foundational" crates written by people likely aware of the possibility of this changing are potentially unsound with this</p>



<a name="210681783"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681783" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681783">(Sep 20 2020 at 19:43)</a>:</h4>
<p>at the very least we'd need an audit of std, and that seems quite hard.</p>



<a name="210681845"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681845" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Amanieu <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681845">(Sep 20 2020 at 19:44)</a>:</h4>
<p>I do agree on principle that unwinding is a <em>great</em> way to handle OOM situations: the destructors will free any memory used by the "task" that caused the OOM, which usually allows the rest of the process to continue. Most OOM situations happen due to a single excessively large allocation (e.g. due to bad user input) rather than from actual address space exhaustion.</p>



<a name="210681881"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681881" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681881">(Sep 20 2020 at 19:45)</a>:</h4>
<p>It'd be interesting for me to see the code size / performance impact of those additional unwinding edges</p>



<a name="210681956"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210681956" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Amanieu <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210681956">(Sep 20 2020 at 19:47)</a>:</h4>
<p>It's probably insignificant in a <code>panic=unwind</code> build since there are many functions that the compiler has to assume can unwind.</p>



<a name="210682093"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210682093" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Amanieu <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210682093">(Sep 20 2020 at 19:50)</a>:</h4>
<p>I had a quick look at <code>parking_lot</code>: I don't think it's unsound, but it will leave some locks permanently locked because the internal code uses manual lock/unlock instead of lock guards.</p>



<a name="210703643"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210703643" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> XAMPPRocky <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210703643">(Sep 21 2020 at 05:51)</a>:</h4>
<p><span class="user-mention" data-user-id="116122">@simulacrum</span> Well I'll leave <em>how</em> to change the default up to the compiler team, but I could see this as an edition change to have that kind of opt-in you mentioned.</p>
<blockquote>
<p>you need to justify why people cannot depend on this</p>
</blockquote>
<p>This is not my motivation. If you wanted to depend on aborting for OOM errors you should be able to, this is more about it being the default. My motivation is that this default is very unintuitive for using Rust from other languages, and is counter to Rust's goals of having parity  with C in terms of interop. With the current default you cannot ship stable libraries that don't abort on OOM, which makes Rust a non-starter for use in a lot of large mission critical systems, and even if you could requiring every Rust to C FFI API to expose a <code>unset_oom_abort</code> or equivalent functionality to override the hook before use wouldn't be a good situation for library authors or users either.</p>



<a name="210729564"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210729564" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210729564">(Sep 21 2020 at 11:44)</a>:</h4>
<p>My point is that the proposal as it stands doesn't talk about the - seemingly quite real, based on what <span class="user-mention" data-user-id="143274">@Amanieu</span> says and my recollection of std - possibility of a change in defaults here introducing unsoundness or at least incorrect behavior into existing code.</p>
<p>Given that I'd personally say this needs a full RFC to discuss various tradeoffs it's making and lay out the rationale in more detail than the current short proposal.</p>



<a name="210752937"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210752937" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> nikomatsakis <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210752937">(Sep 21 2020 at 14:55)</a>:</h4>
<p>In my opinion this kind of choice is <em>not</em> an implementation detail</p>



<a name="210752988"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210752988" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> nikomatsakis <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210752988">(Sep 21 2020 at 14:55)</a>:</h4>
<p>I think that it should be a T-libs choice, with T-lang "kept informed"</p>



<a name="210753034"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210753034" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> nikomatsakis <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210753034">(Sep 21 2020 at 14:56)</a>:</h4>
<p>At least if I'm understanding, this feels like a pretty user visible change</p>



<a name="210762672"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210762672" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> XAMPPRocky <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210762672">(Sep 21 2020 at 16:03)</a>:</h4>
<p>Okay, I’m going to close this MCP for now then. Thanks for the feedback everyone!</p>



<a name="210801284"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210801284" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Josh Triplett <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210801284">(Sep 21 2020 at 21:16)</a>:</h4>
<p>FWIW, there was an interesting conversation about allocation in the Linux Plumbers Conference discussions around Rust in the Linux kernel. Linux has some different ways to allocate memory, and it may be important to handle allocation failure in better ways, as well as providing ways to affect <em>how</em> memory is allocated (e.g. "is it safe to go try to free up some memory before returning from the allocator").</p>



<a name="210804119"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210804119" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210804119">(Sep 21 2020 at 21:43)</a>:</h4>
<p>Yeah, Rust <em>certainly</em> needs to improve in this area.</p>
<p>The fact that code might be unsound in the presence of unwinding allocation failure instead of aborting allocation failure really just means that <em>such code needs to be found and fixed</em>. It's essentially just "Not Acceptable" for abort-on-OOM to be the eternal situation. It's fine if this is a long term project that takes N years to transition instead of a 1 month PR, but we should slowly drive in this direction.</p>
<p>Particularly because you can change the oom hook (only on Nightly, yes yes) and then the unsound code would just plain become unsound. Having that outcome from two distant pieces of code both thinking they have enough knowledge of how a global thing works is just a bad time.</p>



<a name="210815717"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210815717" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> simulacrum <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210815717">(Sep 22 2020 at 00:09)</a>:</h4>
<p><span class="user-mention" data-user-id="224471">@Lokathor</span> I definitely agree, especially given the oom hook on nightly, but I think my perspective is that <em>yes</em> we might want this but it needs more thought than an MCP can give, and likely RFC style feedback.</p>



<a name="210815814"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/210815814" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#210815814">(Sep 22 2020 at 00:10)</a>:</h4>
<p>yeah yeah, probably the most an MCP could do here directly is found a group to begin the long term work and position us for the change later.</p>



<a name="212218471"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/212218471" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#212218471">(Oct 04 2020 at 11:12)</a>:</h4>
<p>Also note that the answer is not as easy as "change it on the next edition" or "application-level opt-in"; neither of these do anything to protect against crates somewhere in the dependency tree getting this wrong.</p>



<a name="212233707"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/233931-t-compiler/major%20changes/topic/Change%20Allocation%20error%20default%20behaviour%20compiler-team%23366/near/212233707" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Lokathor <a href="https://rust-lang.github.io/zulip_archive/stream/233931-t-compiler/major-changes/topic/Change.20Allocation.20error.20default.20behaviour.20compiler-team.23366.html#212233707">(Oct 04 2020 at 17:59)</a>:</h4>
<p>Yeah, this absolutely can't be edition related.</p>



<hr><p>Last updated: Aug 07 2021 at 22:04 UTC</p>
</html>